Agent will use both the ports. To send secure information it will use 443 and for updates etc it will use port 80.
Yes, thanks. My question is can I force it to use port 443 for all communication, ie for updates too. So nothing goes over port 80. Can this be done ?
1 of 1 people found this helpful
Unfortunately not that I know of - the master repository content is served via the agent-to-server port, which is 80 by default.(If of course it's just the port number that's blocked, rather than the protocol, then you could always change the agent/server port to an open port.)
Otherwise you could place a distributed repository on the other side of the firewall - the clients would be able to update from this, and the open ports required to replicate to the repo would depend on the protocol you choose for the repo itself.
Thanks, that really clears up any doubts I had. It is http which is disallowed so as you say changing the port won't help. I'll look at the distributed repository option. I was thinking of an agent handler on the other side of the firewall but I'm guessing from your answer that won't help as it would need to use http to talk back to the EPO server ?
I was thinking of an agent handler on the other side of the firewall but I'm guessing from your answer that won't help as it would need to use http to talk back to the EPO server ?
Yes, that's correct - an agent handler (and a lazy-caching superagent repository) won't work as they need to pull content from the master via http. Instead you need a distributed repo where the content is pushed from the server end.
One thing to note is that a superagent repository also uses a form of http - the agent/server communication protocol (called SPIPE) sits on top of http, so I'm not sure if your firewall would accept it. I'd go with a UNC or HTTP distributed repository, both of which use SMB to replicate. (An HTTP repo is replicated by creating a UNC share in its file structure rather than trying to use POST commands.)
Many thanks, that's very helpful. Looks like I've got some work to do...